City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.41.14.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7710
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;140.41.14.242. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012201 1800 900 604800 86400
;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 07:27:55 CST 2025
;; MSG SIZE rcvd: 106Host 242.14.41.140.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 242.14.41.140.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 23.254.203.84 | attackspambots | Fail2Ban - SSH Bruteforce Attempt |
2019-10-11 06:45:00 |
| 27.128.230.190 | attackspam | Oct 10 13:28:21 nbi-636 sshd[21273]: User r.r from 27.128.230.190 not allowed because not listed in AllowUsers Oct 10 13:28:21 nbi-636 sshd[21273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.230.190 user=r.r Oct 10 13:28:23 nbi-636 sshd[21273]: Failed password for invalid user r.r from 27.128.230.190 port 56456 ssh2 Oct 10 13:28:23 nbi-636 sshd[21273]: Received disconnect from 27.128.230.190 port 56456:11: Bye Bye [preauth] Oct 10 13:28:23 nbi-636 sshd[21273]: Disconnected from 27.128.230.190 port 56456 [preauth] Oct 10 13:43:17 nbi-636 sshd[24246]: User r.r from 27.128.230.190 not allowed because not listed in AllowUsers Oct 10 13:43:17 nbi-636 sshd[24246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.230.190 user=r.r Oct 10 13:43:20 nbi-636 sshd[24246]: Failed password for invalid user r.r from 27.128.230.190 port 38414 ssh2 Oct 10 13:43:20 nbi-636 sshd[24246]: Rece........ ------------------------------- |
2019-10-11 06:52:37 |
| 121.204.143.153 | attack | Oct 10 21:03:03 hcbbdb sshd\[14461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.143.153 user=root Oct 10 21:03:04 hcbbdb sshd\[14461\]: Failed password for root from 121.204.143.153 port 46879 ssh2 Oct 10 21:07:39 hcbbdb sshd\[14985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.143.153 user=root Oct 10 21:07:40 hcbbdb sshd\[14985\]: Failed password for root from 121.204.143.153 port 64910 ssh2 Oct 10 21:12:12 hcbbdb sshd\[15477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.143.153 user=root |
2019-10-11 06:31:57 |
| 51.83.69.183 | attackspam | Oct 11 00:15:47 root sshd[31510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.69.183 Oct 11 00:15:49 root sshd[31510]: Failed password for invalid user UIOP7890 from 51.83.69.183 port 51718 ssh2 Oct 11 00:19:13 root sshd[31559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.69.183 ... |
2019-10-11 06:24:42 |
| 104.131.37.34 | attackspam | Oct 11 00:15:55 ns381471 sshd[12624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.37.34 Oct 11 00:15:56 ns381471 sshd[12624]: Failed password for invalid user p@$$w0rd2017 from 104.131.37.34 port 56753 ssh2 Oct 11 00:20:47 ns381471 sshd[12753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.37.34 |
2019-10-11 06:27:59 |
| 131.108.48.151 | attackbotsspam | 2019-10-10T22:12:16.905685abusebot-5.cloudsearch.cf sshd\[2533\]: Invalid user webmaster from 131.108.48.151 port 30595 |
2019-10-11 06:41:16 |
| 31.40.179.110 | attackbots | Oct 9 16:21:08 mxgate1 postfix/postscreen[22641]: CONNECT from [31.40.179.110]:44431 to [176.31.12.44]:25 Oct 9 16:21:08 mxgate1 postfix/dnsblog[22775]: addr 31.40.179.110 listed by domain cbl.abuseat.org as 127.0.0.2 Oct 9 16:21:08 mxgate1 postfix/dnsblog[22773]: addr 31.40.179.110 listed by domain zen.spamhaus.org as 127.0.0.3 Oct 9 16:21:08 mxgate1 postfix/dnsblog[22773]: addr 31.40.179.110 listed by domain zen.spamhaus.org as 127.0.0.4 Oct 9 16:21:08 mxgate1 postfix/dnsblog[22774]: addr 31.40.179.110 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Oct 9 16:21:08 mxgate1 postfix/postscreen[22641]: PREGREET 48 after 0.15 from [31.40.179.110]:44431: EHLO ae20-10499.SMFL-04-BPE1.miranda-media.net Oct 9 16:21:08 mxgate1 postfix/postscreen[22641]: DNSBL rank 4 for [31.40.179.110]:44431 Oct x@x Oct 9 16:21:09 mxgate1 postfix/postscreen[22641]: HANGUP after 0.5 from [31.40.179.110]:44431 in tests after SMTP handshake Oct 9 16:21:09 mxgate1 postfix/postscreen[226........ ------------------------------- |
2019-10-11 06:21:13 |
| 211.220.27.191 | attackspam | SSH brutforce |
2019-10-11 06:30:24 |
| 185.224.251.120 | attackbotsspam | Lines containing failures of 185.224.251.120 Oct 9 23:21:43 shared02 sshd[15796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.224.251.120 user=r.r Oct 9 23:21:45 shared02 sshd[15796]: Failed password for r.r from 185.224.251.120 port 48318 ssh2 Oct 9 23:21:45 shared02 sshd[15796]: Received disconnect from 185.224.251.120 port 48318:11: Bye Bye [preauth] Oct 9 23:21:45 shared02 sshd[15796]: Disconnected from authenticating user r.r 185.224.251.120 port 48318 [preauth] Oct 9 23:39:22 shared02 sshd[20871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.224.251.120 user=r.r Oct 9 23:39:24 shared02 sshd[20871]: Failed password for r.r from 185.224.251.120 port 56564 ssh2 Oct 9 23:39:24 shared02 sshd[20871]: Received disconnect from 185.224.251.120 port 56564:11: Bye Bye [preauth] Oct 9 23:39:24 shared02 sshd[20871]: Disconnected from authenticating user r.r 185.224.251.120 p........ ------------------------------ |
2019-10-11 06:26:28 |
| 111.230.53.144 | attack | Oct 11 00:22:01 vmanager6029 sshd\[26240\]: Invalid user \#EDCXZAQ! from 111.230.53.144 port 33820 Oct 11 00:22:01 vmanager6029 sshd\[26240\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.53.144 Oct 11 00:22:03 vmanager6029 sshd\[26240\]: Failed password for invalid user \#EDCXZAQ! from 111.230.53.144 port 33820 ssh2 |
2019-10-11 06:52:58 |
| 95.167.39.12 | attack | 2019-10-10T22:43:58.500100abusebot-6.cloudsearch.cf sshd\[15594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12 user=root |
2019-10-11 06:44:19 |
| 112.85.42.177 | attackbotsspam | Oct 10 22:20:30 *** sshd[495]: User root from 112.85.42.177 not allowed because not listed in AllowUsers |
2019-10-11 06:25:57 |
| 42.51.13.102 | attackbots | Oct 10 10:50:01 myhostname sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 10:50:03 myhostname sshd[20963]: Failed password for r.r from 42.51.13.102 port 57284 ssh2 Oct 10 10:50:03 myhostname sshd[20963]: Received disconnect from 42.51.13.102 port 57284:11: Bye Bye [preauth] Oct 10 10:50:03 myhostname sshd[20963]: Disconnected from 42.51.13.102 port 57284 [preauth] Oct 10 11:14:57 myhostname sshd[21029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 11:14:59 myhostname sshd[21029]: Failed password for r.r from 42.51.13.102 port 43249 ssh2 Oct 10 11:14:59 myhostname sshd[21029]: Received disconnect from 42.51.13.102 port 43249:11: Bye Bye [preauth] Oct 10 11:14:59 myhostname sshd[21029]: Disconnected from 42.51.13.102 port 43249 [preauth] Oct 10 11:19:42 myhostname sshd[21038]: pam_unix(sshd:auth): authentication fail........ ------------------------------- |
2019-10-11 06:48:52 |
| 103.26.99.143 | attackspam | 2019-10-10T21:42:37.547752abusebot-5.cloudsearch.cf sshd\[2243\]: Invalid user Brain@123 from 103.26.99.143 port 38738 |
2019-10-11 06:55:44 |
| 182.61.170.251 | attackspambots | 2019-10-10T22:13:37.390235abusebot-3.cloudsearch.cf sshd\[29209\]: Invalid user Royal@2017 from 182.61.170.251 port 50770 |
2019-10-11 06:54:52 |